diff options
Diffstat (limited to 'base/ra/lib/perl/PKI/RA/SizePanel.pm')
-rwxr-xr-x | base/ra/lib/perl/PKI/RA/SizePanel.pm | 245 |
1 files changed, 245 insertions, 0 deletions
diff --git a/base/ra/lib/perl/PKI/RA/SizePanel.pm b/base/ra/lib/perl/PKI/RA/SizePanel.pm new file mode 100755 index 000000000..f55dc41e9 --- /dev/null +++ b/base/ra/lib/perl/PKI/RA/SizePanel.pm @@ -0,0 +1,245 @@ +#!/usr/bin/perl +# +# --- BEGIN COPYRIGHT BLOCK --- +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; version 2 of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +# +# Copyright (C) 2007 Red Hat, Inc. +# All rights reserved. +# --- END COPYRIGHT BLOCK --- +# +# +# +# + +use strict; +use warnings; +use PKI::RA::GlobalVar; +use PKI::RA::Common; +use PKI::RA::CertInfo; + +package PKI::RA::SizePanel; +$PKI::RA::SizePanel::VERSION = '1.00'; + +use PKI::RA::BasePanel; +our @ISA = qw(PKI::RA::BasePanel); + +sub new { + my $class = shift; + my $self = {}; + + $self->{"isSubPanel"} = \&is_sub_panel; + $self->{"hasSubPanel"} = \&has_sub_panel; + $self->{"isPanelDone"} = \&PKI::RA::Common::no; + $self->{"getPanelNo"} = &PKI::RA::Common::r(11); + $self->{"getName"} = &PKI::RA::Common::r("Key Pairs"); + $self->{"vmfile"} = "sizepanel.vm"; + $self->{"update"} = \&update; + $self->{"panelvars"} = \&display; + bless $self,$class; + return $self; +} + +sub is_sub_panel +{ + my ($q) = @_; + return 0; +} + +sub has_sub_panel +{ + my ($q) = @_; + return 0; +} + +sub validate +{ + my ($q) = @_; + &PKI::RA::Wizard::debug_log("SizePanel: validate"); + return 1; +} + +sub update +{ + my ($q) = @_; + &PKI::RA::Wizard::debug_log("SizePanel: update"); + + my $instanceDir = $::config->get("service.instanceDir"); + my $done = $::config->get("preop.SizePanel.done"); + my $genKeyPair = $q->param('generateKeyPair'); + &PKI::RA::Wizard::debug_log("SizePanel: update generateKeyPair value=$genKeyPair"); + if ($done eq "true") { + if ($genKeyPair eq "") { + &PKI::RA::Wizard::debug_log("SizePanel: update generateKeyPair value not found, turn to off"); + $genKeyPair = "off"; + } + } else { + # firstime should always generate keys + $genKeyPair = "on"; + } + + foreach my $certtag (@PKI::RA::Wizard::certtags) { + my $select = $q->param($certtag.'_choice'); + my $keytype = $q->param($certtag.'_keytype'); + my $size = $q->param($certtag.'_custom_size'); + + &PKI::RA::Wizard::debug_log("SizePanel: update $certtag _choice=$select $certtag _keytype=$keytype customsize= $size"); + + $::config->put("preop.keysize.select", $select); + $::config->put("preop.cert.".$certtag.".keysize.select", $select); + + if (! isSupportedSize($keytype, $size)) { + &PKI::RA::Wizard::debug_log("SizePanel: update size $size not supported"); + return 0; + } + $::config->put("preop.cert.".$certtag.".keysize.customsize", $size); + $::config->put("preop.cert.".$certtag.".keytype", $keytype); + + if ($select eq "default") { + my $defaultSize = getDefaultSize($keytype); + &PKI::RA::Wizard::debug_log("SizePanel: update in default, defaultsize = $defaultSize"); + $::config->put("preop.keysize.customsize", $defaultSize); + $::config->put("preop.keysize.size", $defaultSize); + $::config->put("preop.cert.".$certtag.".keysize.size", $defaultSize); + + } elsif ($select eq "custom") { + &PKI::RA::Wizard::debug_log("SizePanel: update in custom, customsize = $size"); + $::config->put("preop.keysize.size", $size); + $::config->put("preop.cert.".$certtag.".keysize.size", $size); + } + + if ($genKeyPair eq "on") { + $::config->put("preop.cert.".$certtag.".certreq", ""); + $::config->put("preop.cert.".$certtag.".cert", ""); + } + } +#XXX should have better error checking to work better + $done = $::config->put("preop.SizePanel.done", "true"); + $::config->commit(); + + return 1; +} + +sub getDefaultSize { + my $keytype = $_[0]; + + if ($keytype eq "ecc") { + return 256; + } elsif ($keytype eq "rsa") { + return 2048; + } + + $::symbol{errorString} = "Unsupported keytype $keytype"; + return 0; +} + +sub isSupportedSize { + my $keytype = $_[0]; + my $size = $_[1]; + + if (($keytype eq "ecc") && ($size ne "256")) { + &PKI::RA::Wizard::debug_log("SizePanel: isSupportedSize ECC only supports size 256"); + $::symbol{errorString} = "Unsupported Size $size. ECC only supports size 256"; + return 0; + } + + if (($size eq "256") || ($size eq "512") || ($size eq "1024") || + ($size eq "2048") || ($size eq "4096")) { + return 1; + } + # wrong size + $::symbol{errorString} = "Unsupported Size $size. RSA only supports sizes 256, 512, 1024, 2048, and 4096"; + return 0; +} + +sub display +{ + my ($q) = @_; + + &PKI::RA::Wizard::debug_log("SizePanel: display"); + + my $done = $::config->get("preop.SizePanel.done"); + &PKI::RA::Wizard::debug_log("SizePanel: display is panel done? $done"); + if ($done eq "true") { + $::symbol{firsttime} = "false"; + } else { + $::symbol{firsttime} = "true"; + } + + my $domain_name = $::config->get("preop.securitydomain.name"); + if ($domain_name eq "") { + $domain_name = "RA Domain"; + } + + my $machine_name = $::config->get("service.machineName"); + my $instance_id = $::config->get("service.instanceID"); + + my $i = 0; + foreach my $certtag (@PKI::RA::Wizard::certtags) { + my $cert_dn = $::config->get("preop.cert.".$certtag.".dn"); + if ($cert_dn eq "") { + if ($certtag eq "subsystem") { + $cert_dn = "CN=RA Subsystem, " . + "OU=" . $instance_id . ", " . + "O=" . $domain_name; + } elsif ($certtag eq "sslserver") { + $cert_dn ="CN=" . $machine_name . ", " . + "OU=" . $instance_id . ", " . + "O=" . $domain_name; + } else { + $cert_dn = $certtag; + } + } + my $name = $::config->get("preop.cert.".$certtag.".userfriendlyname"); + if ($name eq "") { + $name = $certtag."Cert ".$instance_id; + } + my $cert = new PKI::RA::CertInfo($name, + $cert_dn, $certtag); + $::symbol{certs}[$i++] = $cert; + } + + #for "common key settings" + my $select = $::config->get("preop.keysize.select"); + if (($select eq "") || ($select eq "default")) { + $::symbol{select} = "default"; + } else { + &PKI::RA::Wizard::debug_log("SizePanel: display keysize select= $select"); + $::symbol{select} = $select; + } + my $default_size = $::config->get("preop.keysize.size"); + if ($default_size eq "") { + $::symbol{default_keysize} = 2048; + } else { + $::symbol{default_keysize} = $default_size; + } + + my $default_ecc_size = $::config->get("preop.keysize.ecc.size"); + if ($default_ecc_size eq "") { + $::symbol{default_ecc_keysize} = 256; + } else { + $::symbol{default_ecc_keysize} = $default_ecc_size; + } + + my $custom_size = $::config->get("preop.keysize.customsize"); + if ($custom_size eq "") { + $::symbol{custom_size} = 2048; + } else { + $::symbol{custom_size} = $default_size; + } + + + return 1; +} + +1; |